Temporary files generated by the endpoint agent software
For the purposes of anti-malware detection, file type detection, unpacking or other content filtering (known as the scanners), the endpoint agents will use a caching strategy based on configuration settings. Caching is used by scanners that are operating on the HTTP response body.
The Maximum Scan Size and Scan Small Files In Memory options will determine when content will be written to disk by the enabled scanners. The scanners will not attempt to scan files that are greater in size than the Maximum Scan Size setting (in megabytes). If Scan Small Files In Memory is enabled for all scanners that support it, then files will only be written to disk if they exceed 100Mb in size and are less than the maximum scan size setting.
/plugins_data/response_storage is used to cache the files on disk if the scanner is not able to use Scan Small Files In Memory and the Maximum Scan Size has not been reached.
The file is removed from disk as soon as processing has completed.